DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

GhostShell, On the Record – “Team” GhostShell?

Posted on March 15, 2016 by Dissent

This post is part of an extended interview conducted by DataBreaches.net and CyberWarNews.info with the hacker formerly known as “GhostShell.”

We asked GhostShell about other members of Team GhostShell and how many there were, because frankly, one of us (yes, that would be me) suspected that the team was really a one-man operation. His answer seems to be depend on what you mean by “team,” but he mostly confirmed my suspicions:

The majority of every single hack accredited to TGS, no less than 99% was done by a single entity. GhostShell.

The thing about Team GhostShell is that it was this phenomenon where many people decided to join behind it and support the group in their own way. There are users that are viewed generally as members but are not. There are users that are considered to be directly involved with TGS but are not. The reasons why it never bothered me was simple. On one side they acted as camouflage and on the other hand, I as the founder had complete control over the group.

(There’s also the fact that some of the known accounts are either decoys or duplicates of the same person.)

Later, GS would admit to us that @MidasLab and @OphiusLab were two of his alternate identities, as well as DeadMellox (an identity he established merely to help him track references to his hacking via a Google search), and WhiteFox.

In addition to proof he had previously provided to us as to his identity, he gave us the login credentials for the @MidasLab and @OphiusLab Twitter accounts, and we were able to access and control those accounts. Here’s a screencap from when we were logged into the OphiusLab account:

OphiusLab_screencap
Logged in to @OphiusLab. Screencap credit: DataBreaches.net

As an interesting side note, OphiusLab was originally created, he said, for an operation or project involving the medical sector.  When we asked him why he never seemed to attack the medical sector, he replied:

Back in 2012 I was ready to get serious with medical targets. This was right after the WallStreet leak with MidasBank. So I came up with OphiusLab. And everything was set but while I was working on the targets I came to a somber conclusion; that hacking the medical sector is the closest thing a hacker could get to actually harming a person in real life. Forget about SCADA or any of that. Breaching inner hospital networks whether they’re on the net or forbidden intranet networks that because of stupid people were one way or another connected online made me understand that you could realistically alter records, prescriptions and anything else that was sensitive to the wellbeing of a patient.

Not gonna lie, at the time it scared me so I dropped it, in the first ophiuslab release I even switched the main leak with a server from MIT instead of hospital or medical facility data.

But there were many more identities, as he would later tell us:

I have over a thousand identities and who knows how many more online nicknames. I’m actually curious myself to see on my indictment how many of them there have been. Without any exaggeration if they put all of them from the usual networks I’ve been, at least the top ten pages will be just with my names. Lmao

Q: Was anyone associated with TGS ever arrested?

I thought one of them was in 2012 but I’m not sure anymore. I was completely certain at the time. It makes no difference though, we barely know anything about each other. I always kept it that way with the mantra “Never trust anyone, not even me!”

Interview Topics:

  • #OpRomania
  • Anonymous
  • MalSec
  • “Team” GhostShell?
  • More on Snitches, the Feds, and the Scene
  • Why did he really disappear in 2013?
  • On criticisms of “simple” hacks
  • Psychological Factors
  • Difficulty Finding Work and Risk of Arrest
  • If You Knew Then What You Know Now….
Category: Commentaries and AnalysesHack

Post navigation

← GhostShell, On the Record – MalSec
GhostShell, On the Record – Snitches, Feds, and the Scene →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hearing on the Federal Government and AI
  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Decision That Murdered Privacy
  • Hearing on the Federal Government and AI
  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.